| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-01-10 | Add latest changes from gitlab-org/security/gitlab@12-4-stable-ee | GitLab Bot | |
| 2019-12-31 | Add latest changes from gitlab-org/security/gitlab@12-4-stable-ee | GitLab Bot | |
| 2019-11-26 | Merge branch 'security-dos-issue-and-commit-comments-12-4' into '12-4-stable' | GitLab Release Tools Bot | |
| Fix invalid byte sequence See merge request gitlab/gitlabhq!3548 | |||
| 2019-11-26 | Merge branch 'security-dns-rebind-ssrf-in-slack-notifications-12-4-ce' into ↵ | GitLab Release Tools Bot | |
| '12-4-stable' Use Gitlab::HTTP for all chat notifications See merge request gitlab/gitlabhq!3516 | |||
| 2019-11-26 | Merge branch 'security-ag-cycle-analytics-guest-permissions-12-4' into ↵ | GitLab Release Tools Bot | |
| '12-4-stable' Prevent guests from seeing commits for cycle analytics See merge request gitlab/gitlabhq!3533 | |||
| 2019-11-26 | Merge branch 'security-fix-xss-in-label-namespace-12-4' into '12-4-stable' | GitLab Release Tools Bot | |
| Escape namespace in label references See merge request gitlab/gitlabhq!3551 | |||
| 2019-11-26 | Merge branch 'security-28802-respect-fork-parent-visibility-12-4' into ↵ | GitLab Release Tools Bot | |
| '12-4-stable' Check permissions before showing a forked project's source See merge request gitlab/gitlabhq!3556 | |||
| 2019-11-26 | Ensure attributes that end in `_ids` are cleaned | DJ Mountney | |
| This prevents an issue where you can steal other projects objects by asking for ids that don't belong to you in import. | |||
| 2019-11-25 | Check permissions before showing a forked project's source | Nick Thomas | |
| 2019-11-25 | Escape namespace in label references | Heinrich Lee Yu | |
| When referencing cross-namespace labels, we append the namespace name to the rendered label. This MR escapes the name to prevent XSS attacks. | |||
| 2019-11-22 | Fix invalid byte sequence | Patrick Derichs | |
| 2019-11-20 | Prevent guests from seeing commits for cycle analytics | Aakriti Gupta | |
| - if the user has access level lower than REPORTER, don't include commit count in summary | |||
| 2019-11-04 | Use Gitlab::HTTP for all chat notifications | Hordur Freyr Yngvason | |
| 2019-11-04 | Add latest changes from gitlab-org/gitlab@12-4-stable-ee | GitLab Bot | |
| 2019-10-24 | Merge branch 'security-wiki-rdoc-content-12-4-ce' into '12-4-stable' | GitLab Release Tools Bot | |
| Pass all wiki markup formats through our Banzai pipeline filters See merge request gitlab/gitlabhq!3485 | |||
| 2019-10-24 | Merge branch ↵ | GitLab Release Tools Bot | |
| 'security-2914-labels-visible-despite-no-access-to-issues-repositories-12-4' into '12-4-stable' Labels visible despite no access to issues & repositories See merge request gitlab/gitlabhq!3489 | |||
| 2019-10-23 | Allow tests to ignore recursion | charlieablett | |
| 2019-10-23 | Check for recursion and fail if too recursive | charlieablett | |
| - List all overly-recursive fields - Reduce recursion threshold to 2 - Add test for not-recursive-enough query - Use reusable methods in tests - Add changelog - Set changeable acceptable recursion level - Add error check test helpers | |||
| 2019-10-23 | Pass all wiki markup formats through pipelines | Luke Duncalfe | |
| Previously, when the wiki page format was anything other than `markdown` or `asciidoc` the formatted content would be returned though a Gitaly call. Gitaly in turn would delegate formatting to the gitlab-gollum-lib gem, which in turn would delegate that to various gems (like RDoc for `rdoc`) and then apply some very liberal sanitization. It was too liberal! This change brings our wiki content formatting in line with how we format other markdown at GitLab, so we have a SSOT for sanitization. https://gitlab.com/gitlab-org/gitlab/issues/30540 | |||
| 2019-10-22 | Fix labels finder to filter issuables | Eugenia Grieff | |
| Use project scopes to filter project labels that are visible for user | |||
| 2019-10-22 | Add latest changes from gitlab-org/gitlab@12-4-stable-ee | GitLab Bot | |
| 2019-09-26 | Merge branch 'security-sarcila-verify-saml-request-origin-12-3' into ↵ | GitLab Release Tools Bot | |
| '12-3-stable' Check that SAML identity linking validates the origin of the request See merge request gitlab/gitlabhq!3396 | |||
| 2019-09-24 | Filter not accessible label events | Jan Provaznik | |
| Label events may use cross-project or cross-group references, if the projects are not accessible by user, we don't show these label events. | |||
| 2019-09-20 | Validate that SAML requests are originated from gitlab | Sebastian Arcila Valenzuela | |
| If the request wasn't initiated by gitlab we shouldn't add the new identity to the user, and instead show that we weren't able to link the identity to the user. This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509 | |||
| 2019-09-20 | Add latest changes from gitlab-org/gitlab@12-3-stable | GitLab Bot | |
| 2019-09-20 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-20 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-20 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-19 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-19 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-19 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-18 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-18 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-18 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-17 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-17 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-17 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-17 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-16 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-16 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-16 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-14 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-14 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-14 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-13 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-13 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
| 2019-09-12 | Create self-monitoring project in background migration | Reuben Pereira | |
| - A regular migration caused problems such as https://gitlab.com/charts/gitlab/issues/1565. | |||
| 2019-09-12 | Setup counter for Productivity Analytics | Adam Hegyi | |
| This change sets up a usage counter for productivity analytics feature. | |||
| 2019-09-12 | Merge branch 'bw-asset-proxy-markdown-bump' into 'master' | Jan Provaznik | |
| Bump the CACHE_COMMONMARK_VERSION See merge request gitlab-org/gitlab-ce!32935 | |||
| 2019-09-12 | Merge branch 'static-objects-external-storage' into 'master' | Thong Kuah | |
| Enable serving static objects from an external storage See merge request gitlab-org/gitlab-ce!31025 | |||
Welcome to mirror list, hosted at ThFree Co, Russian Federation.
 |
index : gitlab.com/gitlab-org/gitlab-foss.git | |
| Unnamed repository; edit this file 'description' to name the repository. | root |
| summaryrefslogtreecommitdiff |